USN-971-1: OpenJDK vulnerabilities

openjdk-6 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 10.04 LTS

Ubuntu 9.10

Ubuntu 9.04

Summary

Exposed arbitrary file contents to remote systems.

Software Description

openjdk-6 - Java Virtual Machine

Details

It was discovered that the IcedTea plugin did not correctly check certain
accesses. If a user or automated system were tricked into running a
specially crafted Java applet, a remote attacker could read arbitrary
files with user privileges, leading to a loss of privacy. (CVE-2010-2548,
CVE-2010-2783)

Update instructions

The problem can be corrected by updating your system to the following package versions: